Designing a Private and Secure Personal Health Records Access Management System: A Solution Based on IOTA Distributed Ledger Technology

The privacy and security of patients’ health records have been an ongoing issue, and researchers are in a race against technology to design a system that can help stop the compromising of patient data. Many researchers have proposed solutions; however, most solutions have not incorporated potential parameters that can ensure private and secure personal health records management, which is the focus of this study. To design and develop a solution, this research thoroughly investigated existing solutions and identified potential key contexts. These include IOTA Tangle, Distributed Ledger Technology (DLT), IPFS protocols, Application Programming Interface (API), Proxy Re-encryption (PRE), and access control, which are analysed and integrated to secure patient medical records, and Internet of Things (IoT) medical devices, to develop a patient-based access management system that gives patients full control of their health records. This research developed four prototype applications to demonstrate the proposed solution: the web appointment application, the patient application, the doctor application, and the remote medical IoT device application. The results indicate that the proposed framework can improve healthcare services by providing immutable, secure, scalable, trusted, self-managed, and traceable patient health records while giving patients full control of their own medical records.


Introduction
The privacy and security of health records have been the main concerns of patients, as they do not want healthcare providers to be looking at their files when they do not need to [1]. Giving patients ownership and full control of their health records has been one of the remedies to gain their trust in the system. However, this does not mean that privacy and security are ensured. Different techniques and technologies that can guarantee patient privacy and security are explored as options in designing systems to supplement existing PHR. In addition, the big data that healthcare services hold has become a lucrative source for ransom, which is becoming a worldwide issue. These issues remain unresolved, and researchers and experts are doing their best to come up with solutions that can tackle them.
As time flies by, these challenges become more complex due to rapid advancements in technology. New technologies keep emerging, and they all swiftly change the way people live and enable people to work more efficiently. This innovation is not ready to slow down just yet as more technologies that disrupt people's way of life are starting to roll out one by one. Part of this technological revolution is the explosion of billions of devices around the world, and the internet has enabled these devices to be interconnected with one

Key Contexts
With PHR, patients are more informed, and it may let them feel that they are more capable when they can request and make decisions together with clinicians. It allows them to be in control of their health-related activities [33]. This positive feedback from patients does lead to better health outcomes. However, the privacy of patients is not solely solved by giving patients control over their information. How PHR functions in healthcare, what purposes it serves, and what values it promotes need to be properly articulated. Technology plays a very important role in ensuring privacy policies are expressed precisely and unambiguously while being compliant with standards [34]. A comparative analysis between the existing solutions is presented in Table 1.
[Table 1. Comparison of the proposed framework with existing solutions. Solutions compared: Rezaeibagha et al. [17]; Semantha et al. [13,28]; OmniPHR [26]; Healthchain [29]; Thwin and Vasupongayya [30]; Meier et al. [31]; Hussien et al. [32]; Skaly [35]; Smart Optz [36]; Pact [37]; Our Proposed Framework. Key contexts: IOTA Tangle [38]; Distributed Ledger Technology (DLT) [39]; IPFS protocols [40,41]; Application Programming Interface (API) [42]; Proxy Re-encryption (PRE) [43,44]; Access control [30].]
In this research, we assessed existing solutions to identify the key contexts and to compare the gaps of individual frameworks. To do so, we established a comparative analysis to highlight the inadequacies of the selected frameworks, and we identified the key contexts. The key contexts are IOTA Tangle, Distributed Ledger Technology (DLT), IPFS protocol, Application Programming Interface (API), Proxy Re-encryption (PRE), and access control. Table 1 presents a comparison of our proposed framework to the existing solutions. The key contexts of designing a private and secure personal health records access management system are derived by assessing the relevant studies. Each existing solution lacks one or more of the key contexts needed to ensure privacy, which is a limitation of these solutions. As a result, the feasibility of the existing solutions is crucial for achieving the success of designing a private and secure personal health records access management system. In Table 1, black dots indicate that the contexts have been addressed. In contrast, the empty ones indicate that the component is either not addressed or implemented, there is a limitation, or there is still no information provided in the study. We incorporated all of the key contexts while developing our proposed solution based on IOTA Distributed Ledger Technology. The identified key contexts are as follows:
• IOTA Tangle

Sensors 2023, 23, x FOR PEER REVIEW
How PHR functions in healthca purposes it serves, and what values it promotes need to be properly articulated. ogy plays a very important role in ensuring privacy policies are expressed preci unambiguously while being compliant with standards [34]. A comparative ana tween the existing solutions is presented in Table 1. In this research, we assessed existing solutions to identify the key context compare the gaps of individual frameworks. To do so, we established a comparat ysis to highlight the inadequacies of the selected frameworks, and we identified contexts. The key contexts are IOTA Tangle, Distributed Ledger Technology (DL protocol, Application Programming Interface (API), Proxy Re-encryption (PRE) cess control. Table 1 presents a comparison of our proposed framework to the solutions. The key contexts of designing a private and secure personal health rec cess management system are derived by assessing the relevant studies. The exist tions do not have at least one or more key contexts to ensure the privacy context are limitations for these solutions. As a result, the feasibility of the existing sol crucial for achieving the success of designing a private and secure personal health access management system. In Table  With PHR, patients are more informed, and it may let them feel that capable when they can request and make decisions together with clinicians to be in control of their health-related activities [33]. This positive feedbac does lead to better health outcomes. However, the privacy of patients is no by giving patients control over their information. How PHR functions in h purposes it serves, and what values it promotes need to be properly articu ogy plays a very important role in ensuring privacy policies are expressed unambiguously while being compliant with standards [34]. A comparati tween the existing solutions is presented in Table 1. In this research, we assessed existing solutions to identify the key c compare the gaps of individual frameworks. 
To do so, we established a com ysis to highlight the inadequacies of the selected frameworks, and we ide contexts. The key contexts are IOTA Tangle, Distributed Ledger Technolo protocol, Application Programming Interface (API), Proxy Re-encryption cess control. Table 1 presents a comparison of our proposed framework solutions. The key contexts of designing a private and secure personal hea cess management system are derived by assessing the relevant studies. Th tions do not have at least one or more key contexts to ensure the privacy c are limitations for these solutions. As a result, the feasibility of the existi crucial for achieving the success of designing a private and secure persona access management system. In Table  With PHR, patients are more informed, and it may let them feel that they are more capable when they can request and make decisions together with clinicians. It allows them to be in control of their health-related activities [33]. This positive feedback from patients does lead to better health outcomes. However, the privacy of patients is not solely solved by giving patients control over their information. How PHR functions in healthcare, what purposes it serves, and what values it promotes need to be properly articulated. Technology plays a very important role in ensuring privacy policies are expressed precisely and unambiguously while being compliant with standards [34]. A comparative analysis between the existing solutions is presented in Table 1. In this research, we assessed existing solutions to identify the key contexts and to compare the gaps of individual frameworks. To do so, we established a comparative analysis to highlight the inadequacies of the selected frameworks, and we identified the key contexts. The key contexts are IOTA Tangle, Distributed Ledger Technology (DLT), IPFS protocol, Application Programming Interface (API), Proxy Re-encryption (PRE), and access control. 
Table 1 presents a comparison of our proposed framework to the existing solutions. The key contexts of designing a private and secure personal health records access management system are derived by assessing the relevant studies. The existing solutions do not have at least one or more key contexts to ensure the privacy contexts, which are limitations for these solutions. As a result, the feasibility of the existing solutions is crucial for achieving the success of designing a private and secure personal health records access management system. In Table 1, black dots indicate that the contexts have been addressed. In contrast, the empty ones indicate that the component is either not addressed or implemented, there is a limitation, or there is still no information provided in the study. We incorporated all of the key contexts while developing our proposed solution based on IOTA Distributed Ledger Technology. The identified key contexts are as follows: With PHR, patients are more informed, and it may let them feel that capable when they can request and make decisions together with clinicians to be in control of their health-related activities [33]. This positive feedbac does lead to better health outcomes. However, the privacy of patients is no by giving patients control over their information. How PHR functions in h purposes it serves, and what values it promotes need to be properly articu ogy plays a very important role in ensuring privacy policies are expressed unambiguously while being compliant with standards [34]. A comparati tween the existing solutions is presented in Table 1. In this research, we assessed existing solutions to identify the key c compare the gaps of individual frameworks. To do so, we established a com ysis to highlight the inadequacies of the selected frameworks, and we ide contexts. The key contexts are IOTA Tangle, Distributed Ledger Technolo protocol, Application Programming Interface (API), Proxy Re-encryption cess control. 
Table 1 presents a comparison of our proposed framework solutions. The key contexts of designing a private and secure personal hea cess management system are derived by assessing the relevant studies. Th tions do not have at least one or more key contexts to ensure the privacy c are limitations for these solutions. As a result, the feasibility of the existi crucial for achieving the success of designing a private and secure persona access management system. In Table  ith PHR, patients are more informed, and it may let them feel that they are more le when they can request and make decisions together with clinicians. It allows them in control of their health-related activities [33]. This positive feedback from patients lead to better health outcomes. However, the privacy of patients is not solely solved ving patients control over their information. How PHR functions in healthcare, what oses it serves, and what values it promotes need to be properly articulated. Technollays a very important role in ensuring privacy policies are expressed precisely and biguously while being compliant with standards [34]. A comparative analysis bethe existing solutions is presented in Table 1 n this research, we assessed existing solutions to identify the key contexts and to are the gaps of individual frameworks. To do so, we established a comparative analo highlight the inadequacies of the selected frameworks, and we identified the key xts. The key contexts are IOTA Tangle, Distributed Ledger Technology (DLT), IPFS col, Application Programming Interface (API), Proxy Re-encryption (PRE), and acontrol. Table 1 presents a comparison of our proposed framework to the existing ions. The key contexts of designing a private and secure personal health records acanagement system are derived by assessing the relevant studies. The existing soludo not have at least one or more key contexts to ensure the privacy contexts, which mitations for these solutions. 
As a result, the feasibility of the existing solutions is al for achieving the success of designing a private and secure personal health records s management system. In Table  With PHR, patients are more informed, and it may let them feel that they are more capable when they can request and make decisions together with clinicians. It allows them to be in control of their health-related activities [33]. This positive feedback from patients does lead to better health outcomes. However, the privacy of patients is not solely solved by giving patients control over their information. How PHR functions in healthcare, what purposes it serves, and what values it promotes need to be properly articulated. Technology plays a very important role in ensuring privacy policies are expressed precisely and unambiguously while being compliant with standards [34]. A comparative analysis between the existing solutions is presented in Table 1. In this research, we assessed existing solutions to identify the key contexts and to compare the gaps of individual frameworks. To do so, we established a comparative analysis to highlight the inadequacies of the selected frameworks, and we identified the key contexts. The key contexts are IOTA Tangle, Distributed Ledger Technology (DLT), IPFS protocol, Application Programming Interface (API), Proxy Re-encryption (PRE), and access control. Table 1 presents a comparison of our proposed framework to the existing solutions. The key contexts of designing a private and secure personal health records access management system are derived by assessing the relevant studies. The existing solutions do not have at least one or more key contexts to ensure the privacy contexts, which are limitations for these solutions. As a result, the feasibility of the existing solutions is crucial for achieving the success of designing a private and secure personal health records access management system. 
In Table 1, black dots indicate that the contexts have been addressed. In contrast, the empty ones indicate that the component is either not addressed or implemented, there is a limitation, or there is still no information provided in the study. We incorporated all of the key contexts while developing our proposed solution based on IOTA Distributed Ledger Technology. The identified key contexts are as follows: With PHR, patients are more informed, and it may let them feel that they are more capable when they can request and make decisions together with clinicians. It allows them to be in control of their health-related activities [33]. This positive feedback from patients does lead to better health outcomes. However, the privacy of patients is not solely solved by giving patients control over their information. How PHR functions in healthcare, what purposes it serves, and what values it promotes need to be properly articulated. Technology plays a very important role in ensuring privacy policies are expressed precisely and unambiguously while being compliant with standards [34]. A comparative analysis between the existing solutions is presented in Table 1. In this research, we assessed existing solutions to identify the key contexts and to compare the gaps of individual frameworks. To do so, we established a comparative analysis to highlight the inadequacies of the selected frameworks, and we identified the key contexts. The key contexts are IOTA Tangle, Distributed Ledger Technology (DLT), IPFS protocol, Application Programming Interface (API), Proxy Re-encryption (PRE), and access control. Table 1 presents a comparison of our proposed framework to the existing solutions. The key contexts of designing a private and secure personal health records access management system are derived by assessing the relevant studies. The existing solutions do not have at least one or more key contexts to ensure the privacy contexts, which are limitations for these solutions. 
As a result, the feasibility of the existing solutions is crucial for achieving the success of designing a private and secure personal health records access management system. In Table 1, black dots indicate that the contexts have been addressed. In contrast, the empty ones indicate that the component is either not addressed or implemented, there is a limitation, or there is still no information provided in the study. We incorporated all of the key contexts while developing our proposed solution based on IOTA Distributed Ledger Technology. The identified key contexts are as follows: With PHR, patients are more informed, and it may let them feel that they are more capable when they can request and make decisions together with clinicians. It allows them to be in control of their health-related activities [33]. This positive feedback from patients does lead to better health outcomes. However, the privacy of patients is not solely solved by giving patients control over their information. How PHR functions in healthcare, what purposes it serves, and what values it promotes need to be properly articulated. Technology plays a very important role in ensuring privacy policies are expressed precisely and unambiguously while being compliant with standards [34]. A comparative analysis between the existing solutions is presented in Table 1. In this research, we assessed existing solutions to identify the key contexts and to compare the gaps of individual frameworks. To do so, we established a comparative analysis to highlight the inadequacies of the selected frameworks, and we identified the key contexts. The key contexts are IOTA Tangle, Distributed Ledger Technology (DLT), IPFS protocol, Application Programming Interface (API), Proxy Re-encryption (PRE), and access control. Table 1 presents a comparison of our proposed framework to the existing solutions. 
The key contexts of designing a private and secure personal health records access management system are derived by assessing the relevant studies. The existing solutions do not have at least one or more key contexts to ensure the privacy contexts, which are limitations for these solutions. As a result, the feasibility of the existing solutions is crucial for achieving the success of designing a private and secure personal health records access management system. In Table 1, black dots indicate that the contexts have been addressed. In contrast, the empty ones indicate that the component is either not addressed or implemented, there is a limitation, or there is still no information provided in the study. We incorporated all of the key contexts while developing our proposed solution based on IOTA Distributed Ledger Technology. The identified key contexts are as follows: With PHR, patients are more informed, and it may let them feel that they are more capable when they can request and make decisions together with clinicians. It allows them to be in control of their health-related activities [33]. This positive feedback from patients does lead to better health outcomes. However, the privacy of patients is not solely solved by giving patients control over their information. How PHR functions in healthcare, what purposes it serves, and what values it promotes need to be properly articulated. Technology plays a very important role in ensuring privacy policies are expressed precisely and unambiguously while being compliant with standards [34]. A comparative analysis between the existing solutions is presented in Table 1. In this research, we assessed existing solutions to identify the key contexts and to compare the gaps of individual frameworks. To do so, we established a comparative analysis to highlight the inadequacies of the selected frameworks, and we identified the key contexts. 
The key contexts are IOTA Tangle, Distributed Ledger Technology (DLT), IPFS protocol, Application Programming Interface (API), Proxy Re-encryption (PRE), and access control. Table 1 presents a comparison of our proposed framework to the existing solutions. The key contexts of designing a private and secure personal health records access management system are derived by assessing the relevant studies. The existing solutions do not have at least one or more key contexts to ensure the privacy contexts, which are limitations for these solutions. As a result, the feasibility of the existing solutions is crucial for achieving the success of designing a private and secure personal health records access management system. In Table 1, black dots indicate that the contexts have been addressed. In contrast, the empty ones indicate that the component is either not addressed or implemented, there is a limitation, or there is still no information provided in the study. We incorporated all of the key contexts while developing our proposed solution based on IOTA Distributed Ledger Technology. The identified key contexts are as follows: With PHR, patients are more informed, and it may let them feel that capable when they can request and make decisions together with clinicians to be in control of their health-related activities [33]. This positive feedbac does lead to better health outcomes. However, the privacy of patients is no by giving patients control over their information. How PHR functions in h purposes it serves, and what values it promotes need to be properly articu ogy plays a very important role in ensuring privacy policies are expressed unambiguously while being compliant with standards [34]. A comparati tween the existing solutions is presented in Table 1. In this research, we assessed existing solutions to identify the key c compare the gaps of individual frameworks. 
To do so, we established a com ysis to highlight the inadequacies of the selected frameworks, and we ide contexts. The key contexts are IOTA Tangle, Distributed Ledger Technolo protocol, Application Programming Interface (API), Proxy Re-encryption cess control. Table 1 presents a comparison of our proposed framework solutions. The key contexts of designing a private and secure personal hea cess management system are derived by assessing the relevant studies. Th tions do not have at least one or more key contexts to ensure the privacy c are limitations for these solutions. As a result, the feasibility of the existi crucial for achieving the success of designing a private and secure persona access management system. In Table 1, black dots indicate that the cont addressed. In contrast, the empty ones indicate that the component is eithe or implemented, there is a limitation, or there is still no information provid We incorporated all of the key contexts while developing our proposed so IOTA Distributed Ledger Technology. The identified key contexts are as f In this research, we assessed existing solutions to identify the key contexts and to compare the gaps of individual frameworks. To do so, we established a comparative analysis to highlight the inadequacies of the selected frameworks, and we identified the key contexts. The key contexts are IOTA Tangle, Distributed Ledger Technology (DLT), IPFS protocol, Application Programming Interface (API), Proxy Re-encryption (PRE), and access control. Table 1 presents a comparison of our proposed framework to the existing solutions. The key contexts of designing a private and secure personal health records access management system are derived by assessing the relevant studies. The existing solutions do not have at least one or more key contexts to ensure the privacy contexts, which are limitations for these solutions. 
As a result, the feasibility of the existing solutions is crucial for achieving the success of designing a private and secure personal health records access management system. In Table 1, black dots indicate that the contexts have been addressed. In contrast, the empty ones indicate that the component is either not addressed or implemented, there is a limitation, or there is still no information provided in the study. We incorporated all of the key contexts while developing our proposed solution based on IOTA Distributed Ledger Technology. The identified key contexts are as follows: Proxy Re-encryption (PRE) • Access Control

Comparison with Blockchain
The majority of decentralized cryptocurrencies, including all of the more well-known ones, such as Bitcoin, Ethereum, and numerous others, demand that anybody conducting a transaction on the network pay a charge for the services offered. The explanation is that a miner charges a fee for each transaction in the blockchain as proof of their effort. The role of the miner is to validate the transactions of users by computing specific algorithms and to produce blocks of blockchain. As the number of users grows, so will the fee. IOTA, however, eliminates miners and allows users to confirm each other's transactions with a small amount of proof of work, which enables feeless transactions. IOTA defines its principle as "Help others, and others will help you; however, if you choose not to help others, others will not help you either" [45].
Both blockchain and IOTA employ Distributed Ledger Technology; however, the way they use DLT is significantly different from one another. IOTA adopts a DAG structure, whereas blockchain uses a chain type of block. Thus, blockchain has speed, scalability, block size, interoperability, and sustainability restrictions, but IOTA overcomes those issues by using the DAG structure [46]. While just one block is utilized for transaction recording in the blockchain, DAGs allow for the simultaneous existence of several nodes.
Blockchain offers promising potential solutions, but it also has challenges in terms of cost, scalability, and flexibility in data access management. IOTA and the Tangle have characteristics that can overcome some of the challenges or limitations of blockchain. Exploring this technology as a solution also comes in handy with the evolving IoT devices that are intended for the healthcare industry, such as emergency sensors, remote patient monitoring devices, and health and fitness wearables, to name a few [47].

Materials and Methods
This section will describe the technologies used in the proposed framework, using IOTA as its key element. In this study, IOTA Distributed Ledgers are used to develop a patient-based access management system. IoT devices will be considered in designing the framework, as these patient-data-generating devices may be used at any point throughout the patient's journey.

IOTA Tangle
IOTA Tangle consists of tips, confirmed, unconfirmed, coordinator, and milestones nodes [48], as shown in Figure 1. In the tangle, tips are unconfirmed new transactions. Whenever a new transaction is created, the node selects two other transactions using the Markov chain Monte Carlo (MCMC) Random Walk algorithm. The algorithm traverses the tangle and chooses the most weighted nodes to eliminate lazy tips. The node confirms that the chosen transactions do not conflict, and then a cryptographic puzzle (finding a nonce) must be solved for the node to join the tangle. After the node has joined the tangle, it becomes a new tip. Every node in the tangle has its own cumulative weight [45]. For instance, the cumulative weight of V6 can be calculated as in Equation (1).

$$V_6(\text{cumulative weight}) = V_6(\text{own weight}) + V_8 + V_9 + V_{10} + V_{11} + V_{12}$$
$$V_6(\text{cumulative weight}) = 1 + 2 + 1 + 1 + 1 + 1 = 7 \tag{1}$$

A higher cumulative weight indicates greater importance of the node in the tangle. Milestones are checkpoints created by coordinators to validate transactions. Therefore, transactions must be validated either directly by coordinators or indirectly by milestones [48]. Currently, IOTA uses coordinators, which are issued by the IOTA Foundation. For that reason, IOTA cannot be considered fully decentralized. However, the IOTA Foundation introduced Coordicide, an algorithm to eliminate coordinators and make the tangle fully decentralized [49].
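The cumulative-weight rule of Equation (1) and the weighted random walk described above, as an added Python example (not code from the paper or from IOTA). The tangle topology, the `LAZY` transaction, the `alpha` bias parameter and the exponential transition rule are assumptions made for illustration; the own weights and the result of 7 for V6 follow Equation (1).

```python
import math
import random

# Constructed tangle (the topology of Figure 1 is not reproduced here):
# each transaction maps to the transactions it approves.
APPROVES = {
    "V1": [], "V2": ["V1"], "V3": ["V1"],
    "V4": ["V2", "V3"], "V5": ["V2", "V3"],
    "V6": ["V4", "V5"], "V7": ["V4", "V5"],
    "V8": ["V6", "V7"], "V9": ["V6", "V7"],
    "V10": ["V8", "V9"], "V11": ["V8", "V9"], "V12": ["V9", "V10"],
    "LAZY": ["V1", "V2"],  # hypothetical lazy tip: approves only old transactions
}
OWN_WEIGHT = {tx: 1 for tx in APPROVES}
OWN_WEIGHT["V8"] = 2  # matches the own weights used in Equation (1)


def approvers_of(approves):
    """Invert the edges: transaction -> transactions that directly approve it."""
    approvers = {tx: [] for tx in approves}
    for tx, parents in approves.items():
        for parent in parents:
            approvers[parent].append(tx)
    return approvers


def cumulative_weight(tx, approvers, own):
    """Own weight plus the own weight of every distinct direct or indirect approver.

    Collecting approvers in a set matters in a DAG: V12 reaches V6 through both
    V9 and V10, and summing the children's cumulative weights would count it twice.
    """
    seen, stack = set(), [tx]
    while stack:
        for child in approvers[stack.pop()]:
            if child not in seen:
                seen.add(child)
                stack.append(child)
    return own[tx] + sum(own[a] for a in seen)


def tips(approvers):
    """Transactions that nothing approves yet."""
    return {tx for tx, children in approvers.items() if not children}


def weighted_walk(start, approvers, weights, alpha, rng):
    """Walk from start towards the tips. From x, step to approver y with
    probability proportional to exp(-alpha * (H_x - H_y)), H = cumulative weight."""
    tx = start
    while approvers[tx]:
        candidates = approvers[tx]
        bias = [math.exp(-alpha * (weights[tx] - weights[c])) for c in candidates]
        tx = rng.choices(candidates, weights=bias)[0]
    return tx


def lazy_tip_hits(alpha, walks=2000, seed=1):
    """Count how often the walk ends on the lazy tip for a given bias alpha."""
    approvers = approvers_of(APPROVES)
    weights = {tx: cumulative_weight(tx, approvers, OWN_WEIGHT) for tx in APPROVES}
    rng = random.Random(seed)  # seeded only so the demonstration is repeatable
    return sum(
        weighted_walk("V1", approvers, weights, alpha, rng) == "LAZY"
        for _ in range(walks)
    )


if __name__ == "__main__":
    approvers = approvers_of(APPROVES)
    print("cumulative weight of V6:", cumulative_weight("V6", approvers, OWN_WEIGHT))
    print("tips:", sorted(tips(approvers)))
    for alpha in (0.0, 1.0):
        print(f"alpha={alpha}: lazy tip selected in {lazy_tip_hits(alpha)} of 2000 walks")
```

With `alpha = 0` the walk is unbiased and lands on the lazy tip in a large share of runs; with a positive `alpha` the heavier branch dominates and the lazy tip is almost never selected.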

IOTA Address Generation
In Figure 2, IOTA addresses are created from a seed, and a seed is generated by patients with random seed generators. A seed is the patient's private key for IOTA transactions; hence, it must be produced and maintained safely. The length of a seed is 81 trytes. A tryte is 3 trits (−1, 0, 1); thus, there are $3^3$ possible outcomes. Therefore, the Tryte Alphabet consists of 27 characters (9ABCDEFGHIJKLMNOPQRSTUVWXYZ) [29]. There are $27^{81}$ possible seeds that can be generated. In comparison to Bitcoin's seed generation ($2^{256}$), IOTA offers a wider range of keys to enhance each key's uniqueness (Equation (2)).
For address generation, IOTA uses quantum computer proof Winternitz One-Time Signature, which is a hash-based algorithm [50,51]. Figure 2 demonstrates private key generation with the given index number, security level, and seed. First, using the seed (private key) with an index number, sub-seeds are created by hashing them. Sub-seeds are hashed again, and N numbers of sub-private keys are created. After the private key is broken down to N segments, it is hashed 26 times with the World of Tanks (WOT) algorithm and digested with the Keccak-384 based Kerl hash algorithm [52]. After final hashing, an 81-tryte-length public key (IOTA Address) is created. Due to the nature of One-Time Signatures, when a transaction is digitally signed, a part of the sender's private key is revealed to the receiver. Therefore, addresses that are used for spending should not be used again [53]. However, an IOTA address can receive many transactions without revealing private keys.
After IOTA addresses are created, patients can then use one of the IOTA addresses for health records.
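The seed rules described above (81 trytes over the 27-character alphabet, three balanced trits per tryte), as an added example that is not part of the paper's prototype. The tryte-to-value mapping ('9' = 0, 'A' to 'M' = 1 to 13, 'N' to 'Z' = −13 to −1) follows the usual IOTA trinary convention; the function names and the diversity threshold are assumptions.

```python
import math
import secrets

TRYTE_ALPHABET = "9ABCDEFGHIJKLMNOPQRSTUVWXYZ"  # 27 symbols, as listed in the text
SEED_LENGTH = 81


def generate_seed():
    """Draw 81 trytes from the OS CSPRNG; secrets.choice is free of modulo bias."""
    return "".join(secrets.choice(TRYTE_ALPHABET) for _ in range(SEED_LENGTH))


def tryte_to_trits(tryte):
    """Balanced-ternary expansion of one tryte, least significant trit first."""
    index = TRYTE_ALPHABET.index(tryte)
    value = index if index <= 13 else index - 27  # map to the range -13..13
    trits = []
    for _ in range(3):
        remainder = value % 3
        if remainder == 2:  # digit 2 becomes -1 with a carry into the next trit
            trits.append(-1)
            value = (value + 1) // 3
        else:
            trits.append(remainder)
            value = (value - remainder) // 3
    return trits


def trits_to_tryte(trits):
    """Inverse of tryte_to_trits."""
    value = trits[0] + 3 * trits[1] + 9 * trits[2]
    return TRYTE_ALPHABET[value % 27]


def seed_entropy_bits():
    """log2(27^81), for comparison with a 256-bit key."""
    return SEED_LENGTH * math.log2(len(TRYTE_ALPHABET))


def validate_seed(seed, min_distinct=15):
    """Return a list of problems; an empty list means the seed is well formed.

    min_distinct is a heuristic (assumption): a random 81-tryte seed uses about
    25 distinct symbols, so far fewer suggests a hand-typed or padded seed.
    """
    problems = []
    if len(seed) != SEED_LENGTH:
        problems.append("length is %d, expected %d" % (len(seed), SEED_LENGTH))
    bad = sorted(set(seed) - set(TRYTE_ALPHABET))
    if bad:
        problems.append("characters outside the tryte alphabet: " + "".join(bad))
    if len(set(seed)) < min_distinct:
        problems.append("only %d distinct symbols" % len(set(seed)))
    return problems


if __name__ == "__main__":
    seed = generate_seed()
    print("problems:", validate_seed(seed))
    print("entropy bits: %.1f" % seed_entropy_bits())
```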

IOTA Message Frame
In the proposed framework, each new patient record is encrypted with a new Advanced Encryption Standard (AES)-256 symmetric key. Encrypted files are stored in IPFS, and the corresponding content identifier (CID) is collected. Then, the medical header is created by categorizing new data into three sections, such as main category, subcategory, and version number, as shown in Figure 3. After the medical header is created, it is combined with the IPFS CID and encrypted through an AES-256 symmetric key. Using a universally unique identifier (UUID), the header goes through another encryption. The encrypted medical header is recorded in an IOTA message and saved as a transaction in a patient IOTA address.

IOTA MAM is developed on the IOTA main network as a second layer to share data across the network [47]. Anyone in the network can create a channel, and MAM messages through the network are based on Gossip Protocol [54], as shown in Figure 4. IOTA MAM provides three different types of communication channels: public, private, and restricted. In public mode, a root is shared publicly, and messages are encrypted with a root. Therefore, anyone with a root address can access the channel and read the message. In private mode, the root address is hashed; thus, everyone can listen, but only subscribers with the root key can decrypt the messages. In restricted mode, the root is hashed, and messages are encrypted with a side key [47]. An example of a data stream is illustrated in Figure 4. Each message contains a hashed next root (private or restricted mode).

Proof of Work
As mentioned, IOTA bundles consist of input and output transactions, and each transaction is signed with a private key. After this, using the weighted random walk (MCMC) [38], two tips are selected; they are leaf nodes of the confirmed transaction. Then, confirmed transactions that are found during the random walk are assigned as branch and trunk transactions to later calculate the nonce. IOTA uses the Curl algorithm for Proof of Work (PoW) to calculate the nonce. The purpose of this PoW algorithm is to avoid spam and Sybil attacks [48].

Smart Contracts
Smart contracts are software codes that automatically execute when certain conditions specified by the developer are met [55]. Users can operate a permissioned smart contract chain that is validated by a committee in IOTA smart contracts. Nodes in the committee can be selected, or users can use their own committees to run smart contracts. In the proposed framework, smart contracts can be validated by nodes of committees planted in hospitals. There are three smart contracts. The first smart contract is created by hospitals to charge patients for hospital expenses. The second smart contract, which is linked to smart contract 1, is created by the Patient Data Visualizer (PDV) to assign IoT devices to patients. Every IoT device used during a hospital stay is charged separately to the patient. The third smart contract created by a patient allows authorized entities to access patient health records.

Private-Public Key Management
In the framework, the Proxy Re-encryption (PRE) method is proposed for key management. Proxy Re-encryption is a method whereby a proxy server converts cyphertext A ($C_A$), which is encrypted with $pk_A$, to cyphertext B ($C_B$), which can be decrypted with $sk_B$, using a re-encryption key ($rk_{A \rightarrow B}$) [44,56]. The proxy only requires cyphertext A and the re-encryption key, which is created with $sk_A$ and $pk_B$ outside of the proxy. Therefore, the owner of cyphertext A can share secret data without revealing the private key or secret data. The key concept is to disclose the least data possible to the proxy, because it is an untrusted platform, and to allow it to execute a key change from $sk_A$ to $sk_B$ to decrypt cyphertext A. The algorithm below explains the Proxy Re-encryption algorithm, which can be used in the framework [57,58].
• Key Generation: Let $G_1 = \langle g \rangle$ be a cyclic group of prime order $q$. The patient private key $sk_a = a \in Z_q^*$ is randomly selected, and the public key is $pk_a = g^a$. The doctor private key $sk_b = b \in Z_q^*$ is randomly selected, and the public key is $pk_b = g^b$. $r \in Z_q^*$ is randomly selected. $Z = e(g, g)$.
• Encryption: Let $m \in G_2$. Encrypted text $C_a = (Z^r \cdot m, g^{ra})$. (4)
• Decryption (Patient): $C_a \rightarrow$ Proxy Server $\rightarrow C_b$: $(Z^r \cdot m, g^{ra}) \rightarrow (Z^r \cdot m, e(g^{ra}, rk_{A \rightarrow B}))$, so $C_b = (Z^r \cdot m, e(g^{ra}, g^{b/a}))$.
• Decryption (Doctor):

In Figure 5, the key exchange with the doctor is demonstrated. For instance, first the patient creates the ($sk_a$, $pk_a$) private and public key pair. Using the $pk_a$ public key, the patient encrypts a symmetric key for patient health record encryption before storing the record in IPFS. Then, the patient creates a re-encryption key ($rk_{A \rightarrow B}$) using $sk_a$ and the doctor's public key ($pk_b$). After that, cyphertext A and $rk_{A \rightarrow B}$ are stored in IOTA smart contracts. If the doctor's access request is confirmed, the smart contract sends cyphertext A and $rk_{A \rightarrow B}$ to the proxy to convert cyphertext A to cyphertext B. Finally, the doctor can decipher cyphertext B using their private key ($sk_b$).
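The re-encryption algebra above, carried end to end as an added example that is not the paper's prototype code. Assumptions: the `G1` class is a toy stand-in for a pairing-friendly curve that stores each element as its exponent, so it is insecure and exists only to make the bilinear map runnable without a pairing library; the parameters q = 1019, p = 2039 and Z = 4 are constructed; the doctor's final step (raising $e(g^{ra}, g^{b/a})$ to $1/b$) is the standard completion of this scheme and is not spelled out on the page.

```python
import secrets
from dataclasses import dataclass

# Constructed toy parameters: Q and P = 2Q + 1 are both prime.
Q = 1019  # prime order q of G1 and G2
P = 2039  # modulus hosting the target group G2
Z = 4     # Z = e(g, g), a generator of the order-Q subgroup of Z_P^*


@dataclass(frozen=True)
class G1:
    """Element g^x of G1, stored as x. Insecure stand-in for a curve point."""
    x: int

    def __pow__(self, k):
        return G1(self.x * k % Q)


g = G1(1)


def pair(u, v):
    """Bilinear map e(g^x, g^y) = Z^(xy) in G2."""
    return pow(Z, u.x * v.x % Q, P)


def rand_scalar():
    """Uniform element of Z_q^*."""
    return secrets.randbelow(Q - 1) + 1


def keygen(sk=None):
    """Return (sk, pk = g^sk); pass sk only to reproduce a fixed test vector."""
    sk = rand_scalar() if sk is None else sk
    return sk, g ** sk


def encrypt(pk_a, m):
    """C_a = (Z^r * m, g^(ra)); m stands for the wrapped symmetric key."""
    r = rand_scalar()
    return (pow(Z, r, P) * m % P, pk_a ** r)


def rekey(sk_a, pk_b):
    """rk_{A->B} = pk_b^(1/a) = g^(b/a); needs sk_a but only the doctor's public key."""
    return pk_b ** pow(sk_a, -1, Q)


def reencrypt(c_a, rk):
    """Proxy step: C_b = (Z^r * m, e(g^(ra), g^(b/a))) = (Z^r * m, Z^(rb)).

    The proxy uses neither secret key and never sees m.
    """
    c1, c2 = c_a
    return (c1, pair(c2, rk))


def decrypt_owner(sk_a, c_a):
    """Patient: e(g^(ra), g)^(1/a) = Z^r, then m = c1 / Z^r."""
    c1, c2 = c_a
    z_r = pow(pair(c2, g), pow(sk_a, -1, Q), P)
    return c1 * pow(z_r, -1, P) % P


def decrypt_delegate(sk_b, c_b):
    """Doctor: (Z^(rb))^(1/b) = Z^r, then m = c1 / Z^r."""
    c1, c2 = c_b
    z_r = pow(c2, pow(sk_b, -1, Q), P)
    return c1 * pow(z_r, -1, P) % P


if __name__ == "__main__":
    sk_a, pk_a = keygen()   # patient
    sk_b, pk_b = keygen()   # doctor
    m = pow(Z, 77, P)       # constructed message in G2
    c_a = encrypt(pk_a, m)
    c_b = reencrypt(c_a, rekey(sk_a, pk_b))
    print("doctor recovers m:", decrypt_delegate(sk_b, c_b) == m)
```

Replacing `G1` and `pair` with a real pairing library leaves the remaining functions unchanged, since they use only group exponentiation and the bilinear map.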

IPFS and File Management
In current websites and computers, the location-based addressing method is used to access content [40,59]. For instance, to access a website, the client enters the Uniform Resource Locator (URL) to the browser. The URL provides the hostname and specific location, which is a directory, and then it points to a file. This type of network is called client-server communication, and it is a star network topology where clients are connected to a centralized server [40]. Data stored in centralized storage may not be available if the content provider deletes the content or if the data might have been manipulated by hackers. Thus, centralized storage systems become undesirable due to a single point of failure.

IPFS is a technology that is currently used for content addressing to access data [41]. It eliminates a single point of failure and uses the Merkle Tree algorithm [60] to ensure data integrity. It also uses peer-to-peer (P2P) network architecture to distribute pieces of the content over the network. The smallest piece in IPFS is 256 KB. IPFS uses CID to address those small pieces. CIDs are created by hashing algorithms, as shown in Figure 6. Using the InterPlanetary Linked Data (IPLD) model, multiple CIDs of divided small data are linked to one CID. This final CID can be used to access the data stored in a distributed network.
To store medical data in IPFS, there is an Application Programming Interface (API) that has to be developed. This API manages new health data encryption using a client public key, medical header creation, hashing content, storing encrypted new health data in IPFS, and storing encrypted IOTA message frames in the IOTA Tangle, as displayed in Figure 7. It is also responsible for retrieving the IOTA message frame from IOTA and encrypting this frame to retrieve stored data from the IPFS server, as is shown in Figure 8.

Proposed Framework for Patient Health Records Access Management System
The proposed framework consists of three workflows: Hospital Admission, Patient Discharge, and Remote Patient Health Data Record. The architecture and deployment of the system are illustrated in Figure 9.

Patient
The patient interacts with a web application and creates smart contracts for chosen health data to grant authorization to a specific user. There are two types of authorization that a patient can grant. The first is access only, while the second is access and post new data. This approach differs from current systems, where authorized users can independently post new data without the consent of the patient.

Doctor
The doctor is an authorized person who needs to access specific patient data. Using a PDV device, they can send a request to a patient for permission to access their data.

Hospital
Hospitals create smart contracts to charge patients for specific services provided during their appointment.

Web Appointment
This is used by patients to book an appointment with a doctor. The assigned doctor will receive a public key after an appointment has been approved. Hospitals also create smart contracts with the information provided by patients, such as IOTA addresses.

QR Scanner
This is an IoT device available at the hospital where the patient is admitted. The device scans the patient's IOTA address and then the patient selects, or the device assigns, the doctor to the patient (if not already done so via web appointment). The doctor's public key can also be exchanged with this device. Furthermore, it investigates previous transactions made with a patient's IOTA address to extract previous health records.

Smart Contracts
The framework introduces three distinct smart contracts for verifying patients and authorizing people (doctors), monitoring medical IoT device usage, billing patients for hospitalization, and patient-doctor key exchange using the PRE algorithm.

Patient Data Visualizer (PDV)
This device is shown in section A of Figure 9; it analyzes the medical header and categorizes medical data collected from the IPFS server. For instance, it shows patient test results under corresponding main categories (hematology, allergies, vaccination, etc.) to doctors, as illustrated in Figure 3. Doctors can then make a diagnosis or issue new tests.

IPFS
Different sorts of encrypted patient data are stored independently in IPFS servers.

Hospital Admission
The steps of patient admission are shown in the Hospital Admission Framework, which is section A of Figure 9. The interaction of objects is demonstrated in Figure 10, and all of the steps involved in the workflow are listed in Table 2.

Table 2. Hospital admission flowchart steps.
Step 1: Patient uses Hospital Web Application to make an appointment. Patient shares IOTA address and UUID.
Step 2: Patient obtains Doctor Public Key from Hospital Web Application. Patient uses Patient Application to give permission to selected Patient Medical Records using Doctor Public Key.
Step 3: Patient Application creates Re-encryption Key using Patient Private Key and Doctor Public Key. Patient Application uses Re-encryption Key to re-encrypt symmetric key that belongs to permissioned Medical Record.
Step 4: Patient Application creates parameters of the Smart Contract 1 (Doctor Public Key, Permissioned Medical Header, duration of permission, and re-encrypted symmetric key).
Step 5: Patient Application creates Smart Contract 1 to share proxy location with doctor for a limited period of time.
Step 6: Smart Contract shares Doctor Public Key, Permissioned Medical Header, duration of permission, and re-encrypted symmetric key with a proxy.
Step 7: Hospital receives patient information from Hospital Web Appointment and creates Smart Contract 2 to validate patient and patient's insurance. Then, fixed amount of IOTA tokens from insurance or patient IOTA address is withdrawn.
Step 8: Doctor searches patient appointment from Doctor Application (PDV). This information is received from Hospital Web Appointment Application.
Step 9: PDV connects to IOTA node and searches patient address in IOTA Tangle.
Step 10: PDV uses patient address to find old medical transactions in IOTA Tangle.
Step 11: UUID encrypted transaction messages are extracted from messages.
Step 12: Transaction messages are decrypted with UUID symmetric key.
Step 13: Doctor searches patient smart contract. Smart contract validates doctor and sends proxy location.
Step 14: Proxy validates Doctor using signature algorithm and sends medical header and corresponding re-encrypted symmetric key.
Step 15: PDV uses Doctor Private Key to decrypt re-encrypted symmetric key. Patient records are downloaded from IPFS using IPFS hash and decrypted with decrypted symmetric keys and stored in PVR temporarily.
Step 16: After patient records are visualized by PDV, doctor assigns IoT devices to patient using PDV and creates smart contracts with each assigned IoT Device.
Step 17: Each IoT device has a separate smart contract that is linked with Smart Contract 2 to request balance during medication.
Step 18: Smart Contract 3 updates Account Balance during medications.
Step 19: If needed, more IOTA tokens are taken from Smart Contract 2.

Patients must first provide an IOTA address that is specifically designated for patient health records in the provided framework. Section A of Figure 9 shows that there are two ways to accomplish this. The first is to use an online appointment application before coming to the hospital; the second is to scan a QR code generated by a patient mobile application using a QR Scanner device while at the hospital. In both approaches, the patient provides an IOTA address and UUID, and the hospital delivers doctor information and the public key.
After a patient has been admitted to the hospital, every IoT device used in the process is connected to PDV using the IOTA MAM Protocol. PDV is responsible for recording every test result and diagnosis that comes from IoT devices. It can be seen in Figures 10 and 11 that when a patient is discharged, these data will be categorized, encrypted, and stored in IPFS.

Patient Discharge
Section B of Figures 9 and 12 illustrates the process, and Table 3 lists the steps for this workflow. Once a patient has completed medical treatments, the doctor discharges the patient through PDV. Then, PDV informs Smart Contract 2 of the patient discharge. Smart Contract 1 is linked to Smart Contract 2 to finalize the patient balance and to make the final transaction for the cost of treatment.
At the same time, PDV examines whether any health data have not yet been published to IPFS. If this is the case, first, it will categorize the data as instructed in section IOTA Message Frame, and then categorized data will be encrypted with the AES-256 symmetric key. It will then publish encrypted data to IPFS. Using a patient public key, it encrypts AES-256 symmetric keys. After that, the medical header, encrypted symmetric key, and IPFS hash are combined and encrypted with patient UUID. Then, it stores the encrypted IOTA Message Header in IOTA tangle using a patient IOTA address. In this process, PDV uses API, as explained in section IPFS and File Management in Figure 7.

Table 3. Patient discharge flowchart steps.
Step 21: Doctor creates new patient medical data from Doctor Application (PDV).
Step 22: PDV (Patient Data Visualizer) categorizes data according to Medical ID, such as test results, treatments, etc.
Step 23: After data are collected over a period of time, all data are encrypted with a random AES-256 symmetric key.
Step 24: Encrypted data are uploaded to IPFS.
Step 26: Symmetric key is encrypted with patient public key.
Step 27: Using Encrypted symmetric key, IPFS Hash, and Medical ID, a medical header is created.
Step 28: Medical header is encrypted with patient UUID and saved in an IOTA transaction message.
Step 29: Hospital sends patient discharge information to Smart Contract.
Step 30: Smart Contract validates insurance and sends unused IOTA tokens to patient IOTA address.

Remote Patient Health Data Record
There might be patients who need to be monitored remotely. Therefore, IoT devices must be compatible with IOTA MAM. For instance, in the proposed framework shown in section C of Figure 9, patients can connect IoT devices to mobile applications and receive data from devices at a set period of time. After data are collected, data can then be stored in IPFS. Figure 13 demonstrates how a patient can remotely store IoT data to IPFS, and the steps are enumerated in Table 4.

Results
In this section, the prototype applications are demonstrated, and the results are presented. There are four applications in total to simulate the framework. The first application is the Hospital Web Application, where patients can schedule an appointment with a doctor on a specific day and time. Patients have to provide a UUID and Patient IOTA Address to the application. The Hospital Web Application shares this information with the Doctor Application, which is the second application. Using this application, doctors can download permissioned patient records using IOTA Tangle, IPFS, and Proxy Re-encryption libraries. Doctors can also assign IoT medical devices to the patient during medication. The third application is the Patient Application for patients to manage their medical records and to grant access to selected doctors. Patients can also use this application to record their health records remotely using IoT medical devices. The fourth application is developed to simulate IoT medical devices, such as a blood glucose monitor. This application connects to an IOTA node and uses IOTA MAM technology to publish medical data for a period of time. These data can be collected from the Patient Application using the IOTA MAM root address generated in the Remote Medical IoT Device Application.

Application 1: Web Appointment with Hospital
Creating Web Appointment
• Patient makes an appointment with doctor through hospital appointment system.
• Patient provides IOTA Address and UUID.
• Web appointment application creates a channel with Doctor Patient Medical Data Visualizer application via IOTA MAM protocol to submit patient information with encrypted private MAM channel; this process is shown in Figure 14.

Application 2: Doctor Patient Medical Data Visualizer
This application is developed for doctors to visualize patient medical records and to assign IoT devices to a patient.

Creating Doctor Profile
• Doctor provides IOTA Seed.

Visualizing Patient Medical Record
• Doctor selects categories (Figure 17) to access medical records, which are collected from IPFS.

Assigning an IoT Device to a Patient
• Doctor selects a category and enters the root address of the device to assign IoT Medical Device to a patient.
• Doctor application subscribes to an IoT device channel through private IOTA MAM channel (Figure 18).

Creating New Medical Data
• After the doctor has selected a patient from Find Appointment, the doctor selects categories for new medical data and then writes clinical notes and creates medical data, as shown in Figure 19.
• Created medical data are encrypted with random AES-256 symmetric key.
• Encrypted medical data are stored in IPFS and then IPFS CID is collected.
• Symmetric key is encrypted with patient public key.
• Selected categories, encrypted symmetric key, and IPFS CID are recorded in patient IOTA address as a transaction message.

Application 3: Patient Medical Record Access Control
This application is developed for patients to access their private medical records and to give permission to selected doctors.

• Symmetric key is decrypted with patient private key.

Visualizing Medical Records
• Patient selects given categories to access medical records, which are collected from IPFS (Figure 21).

Giving Permission to Doctor
• Patient selects categories (Figure 22).
• Patient enters doctor public key and duration of permission to selected categories.
• Application collects the symmetric key of the category.
• Application creates re-encrypted symmetric key using doctor public key and symmetric key.
• Application sends doctor public key, duration, and re-encrypted symmetric key to proxy.

Application 4: Remote Medical IoT Device
This application, which is shown in Figure 23, is developed to simulate remote medical IoT devices. It publishes blood glucose level when the start device is clicked. When the stop device is clicked, it stops publishing data. Published data can be read from a given root address, from the patient application, or from the doctor application.

Examination and Evaluation of the Proposed Applications
In this section, we present our experimental results and evaluation of the developed application. This assessment is established in terms of scalability, energy efficiency, and decentralisation. Important insights are grounded by analysing the results demonstrating IOTA Tangle's usefulness for the IOT domain. To do this, we deployed the latest IOTA reference implementation, a Java build implementing the IOTA network specifications, on a local server for performing Proof of Work (PoW) operations [61]. The functionality related to IOTA addresses, transactions, routing, and multi-signatures has been implemented using the official Python library of the IOTA Distributed Ledger, iota.lib.py [62].
We configured each data node to generate transactions. A set of different Minimum Weight Magnitudes (MWM) (9, 13, 15) is used to identify the effect they have on the Transaction Per Second (TPS) measure. Transactions are mainly broadcast and shared amongst all participant nodes. Two performance metrics are used in this experiment: TPS and Throughput.
Scalability: As shown in Figure 24, the TPS transaction speed increases linearly when the number of nodes increases. For example, when MWM is 9 and 50 nodes are engaged, the TPS of the application reaches 4.4 tx/s (transaction per second) compared to the baseline TPS, which is 4 tx/s, as shown. Hence, our developed application is 0.4 times faster than the baseline method. When the MWM is 9 and the number of nodes is 180, the TPS reaches 11 tx/s, whereas in the baseline, TPS reaches 8.2 tx/s. This time, the developed application is 2.8 times faster than the baseline method. This validates that our proposed solution is more scalable than the baseline method.
Our proposed solution improves the baseline method in terms of efficiency in processing transactions. For example, when the MWM is set to 15 and 180 nodes are engaged, the average TPS of baseline reaches 2 tx/s. When employing our developed application, the average TPS reaches 3.3 tx/s due to computing offloading mechanisms, as presented in Figure 24.
Energy efficiency: The nodes that are performing PoW have an impact on the total energy consumption. The computing offloading preserves energy and reduces the time it takes to process transactions. Our application reduces power due to offloading mechanisms and an associated decrease in the number of transmissions. Figure 24 demonstrates the effect of MWM on the TPS. In this evaluation, MWM is set to 9, 13, and 15 to measure the effect on the TPS. As we can see, the TPS is affected by the use of different MWM configurations; when set to 9, it reaches 11 tx/s, and when set to 15, it reaches 3.3 tx/s.
Decentralisation: Our proposed solution is decentralised, as the consensus mechanism is implemented for usage.
In addition, we measured the performance of traditional computer systems using classical performance metrics: CPU and RAM. We measured the percentage of time our developed application uses the CPU to process the instructions actively. Alternatively, RAM measures the amount of memory used by the developed applications. CPU and RAM are valuable metrics in assessing the overall performance and capacity of the proposed systems.
Hospital, doctor, and patient applications are developed in this research, and the CPU usage of these applications is measured and presented in Figure 25. As shown in Figure 25, the hospital application uses 0.32% CPU at a TPS of 60 tx/s. Similarly, the hospital application uses 0.55% CPU at a TPS of 120 tx/s. The doctor application's CPU usage is 0.35% at a TPS of 120 tx/s, and the patient application's CPU usage is 24% at a TPS of 120 tx/s. CPU usage increases as TPS transaction speed increases in the hospital, doctor, and patient applications.
The RAM usage of the hospital, doctor, and patient applications is measured and presented in Figure 26. The hospital application uses 0.44% RAM at a TPS of 40 tx/s. Similarly, the hospital application uses 0.47% RAM at a TPS of 120 tx/s. The doctor application's RAM usage is 0.31% at a TPS of 120 tx/s, and the patient application's RAM usage is 14% at a TPS of 120 tx/s. RAM usage of the proposed hospital, doctor, and patient applications does not constantly increase when transaction speed increases.
Our proposed application of IOTA Distributed Ledger Technology is appropriate to apply to diverse industries that manage personal and sensitive data. Private and secure personal records access management is imperative in various communities and industries. As a distributed ledger technology, IOTA ensures scalability, decentralisation, fast transaction, efficient communication, integration with IOT devices with limited capabilities, and potential for the machine-to-machine economy. By applying this technology, organisations can provide their users with privacy and build trust. The benefit of this research is that the proposed solution can be applied to other industries by modifying the system requirements.
The primary focus of the Internet-of-Things Application is to enable secure and scalable transactions between devices using distributed ledger technology. In this research, IOTA's DLT can enhance data integrity, privacy, and interoperability in healthcare systems that help secure sharing and access to medical records. The benefit of IOTA's technology is its broader applicability across various industries. This technology allows devices to securely communicate and share data in a decentralised and scalable manner and enables machine-to-machine (M2M) data integrity and trustless interactions between IoT devices. Moreover, IOTA can be applied to energy systems to facilitate the decentralisation of energy trading and management, allowing peer-to-peer energy transactions and grid optimisation and facilitating the integration of renewable energy sources. In addition, IOTA's DLT can be used to track and trace goods throughout the supply chain, ensuring transparency and immutability of data. This can also make supply chain processes more efficient, improve inventory management, reduce fraud, and enable automated and secure transactions between stakeholders. IOTA technology can provide a secure data exchange from various city systems, such as energy, waste management, and transportation, contributing to building more innovative and efficient communities.

Discussion
In the framework, PHR is stored in IPFS. The IOTA Protocol is used to store IPFS hashes, to generate smart contracts, and to communicate securely with IoT devices using IOTA MAM. To achieve decentralization, an IOTA distributed ledger and IPFS protocols are used. What makes IOTA preferable compared to the other distributed ledger technologies is the Tangle technology. Tangle technology overcomes two fundamental disadvantages of blockchain: transaction costs and scalability. This framework will also bring clarity to hospital expenses in terms of patient care fees. In Australia, hospitals are calculating the cost by Activity-based funding (ABF), which is the number of services provided to patients [63]. In the proposed framework, every medical IoT device that is used for medication is registered in smart contracts, and payments are collected over time based on consumption.
Energy consumption is another issue that IOTA Tangle technology tries to solve by eliminating miners. There are no blocks compared to blockchain, thus allowing IoT Tangle to be scalable. For instance, the estimated power consumption of Bitcoin is 0.1 to 10 GW due to PoW calculations for blocks and cooling the machines [64]. In IOTA, power consumption is reduced with periodical snapshots by resetting transaction history. Thus, compared to other blockchain-based systems proposed in the literature, the computing cost is expected to be reduced in the proposed framework.
One of the main advantages of IOTA is the lack of miners; therefore, there is no fee for transactions, making it suitable for IoT devices in terms of machine-to-machine transactions. However, during periodic snapshots taken by the IOTA Foundation, zero-value transaction messages and zero-value addresses are removed from Tangle to make it lightweight, increase transaction speed, and decrease the power consumption of nodes. Unless it is recorded in Permanodes or histories of transactions are manually extracted, the deleted history of transactions cannot be restored. This poses a problem in the framework for medical headers, which are saved in transaction messages linked to the Patient IOTA Address. To save prior medical headers, an API that automatically collects past transactions of the Patient IOTA Address must be established. This API must automatically store previous transactions in IPFS and retrieve them after the snapshot is completed. Snapshots are also a challenge in terms of service availability. However, IOTA development is in the beta stage, and the IOTA Foundation has announced that in the future, snapshots will be automated for each node.
Limitations of the framework include the fact that IOTA is not completely decentralized because of coordinator nodes. To confirm transactions, the current IOTA protocol still relies on coordinator nodes, which are administered by the IOTA Foundation. As a result, it cannot be called a completely decentralized distributed ledger. However, IOTA is in the development phase, and the IOTA foundation recently introduced Coordicide to eliminate coordinator nodes [52] to make it completely decentralized. Another concern is that even though IOTA transactions are free, smart contracts, on the other hand, require a fee for computational effort. However, the IOTA Smart Contract Protocol allows users to choose their own committee of nodes; thus, hospitals can use their own computer to reduce the cost of smart contracts.
In the initial development, Proxy Re-encryption was considered for all data stored in IPFS. In this way, the patient could have encrypted all data with a public key without revealing the private key to the doctor. However, Proxy Re-encryption is very slow for big data [43]; therefore, Proxy Re-encryption is only used for encryption of the 256-bit symmetric key, which is shared with doctors to decrypt IPFS data.
Another limitation is that distributed storage such as IPFS, which is used in the framework, is not acceptable in certain countries, such as the USA and Australia, under legislation including HIPAA [65] and the My Health Records Act, because the storage location of patient data is unknown. These laws were set with the concern of availability and accessibility of the data. This can be solved by creating a private IPFS network or assigning servers that are always connected to the IPFS network in hospitals. However, this will oppose the purpose of using the IPFS distributed ledger for decentralizing patient records and reducing hospital expenses.

Conclusions
Traditional patient electronic health record systems are expensive, complex, centralized, and often insecurely store patient data. Furthermore, patient confidentiality and privacy are not prioritized in many systems. This study focused on designing a fully decentralized PHR using IOTA Tangle to secure patient medical records and IOT medical devices and to create an access management system that gives patients full control of their own medical records.
The proposed framework can improve healthcare services by providing immutable, secure, scalable, trusted, self-managed, and traceable patient health records. IOTA technology eliminates miners, and it enables feeless micro transactions, secure communication between IOT devices, and low-cost smart contracts, which are fundamental components of the framework.
In the next phase, a prototype system will be developed to simulate the behavior of the framework. The first step of the work is developing a Web application that will extract IOTA transactions from the given IOT address. The second step is developing a mobile application that will be used by patients to give access to authorized people by using smart contracts. The third and last step is developing a web application that will be used by a doctor for Proxy Re-encryption for key exchange with patients.